libarchive (3.2.2-3.1)
[PTS] [DDPO]
OK: VCS matches the version in the archive
- Git: https://anonscm.debian.org/git/collab-maint/libarchive.git
-
- Branch: master
- Path: debian/changelog
- Browser: https://anonscm.debian.org/cgit/collab-maint/libarchive.git
- Last scan: 2017-10-18 06:03:18+00
- Next scan: 2017-10-20 01:40:00+00
- Debian changelog in Git:
libarchive (3.2.2-3.1) unstable; urgency=high
* Non-maintainer upload.
* Reupload 3.2.2-2.1 on top of 3.2.2-3
* archive_strncat_l(): allocate and do not convert if length == 0
(CVE-2016-10209) (Closes: #859456)
* Reread the CAB header skipping the self-extracting binary code
(CVE-2016-10349, CVE-2016-10350) (Closes: #861609)
* Do something sensible for empty strings to make fuzzers happy
(CVE-2017-14166)
Fixes heap-based buffer over-read in the atol8 function. (Closes: #874539)
-- Salvatore Bonaccorso <carnil@debian.org> Thu, 14 Sep 2017 16:02:10 +0200
- This branch is even with tag debian/3.2.2-3.1
